2 matches found
Security Bulletin: COGNOS DIRECT INTEGRATION ACCESS REMAINS OPEN AFTER CLOSING MAXIMO SESSION (CVE-2014-6102)
Summary IBM Maximo Asset Management could allow a user to access Cognos BI even after the Maximo session is closed. Vulnerability Details CVE-ID: CVE-2014-6102 DESCRIPTION: IBM Maximo Asset Management could allow a local user to bypass security on another user's Maximo session due to it improperl...
CVE-2014-6102
CVE-2014-6102 affects IBM Maximo Asset Management and related products, where improper logout handling allows a local user to bypass Cognos BI Direct Integration access controls via an unattended workstation. Affected versions include Maximo Asset Management 7.1–7.1.1.13 and 7.5.0 up to 7.5.0.6 (...